Last Day to Save $400 on 4-6 Day Courses at SANS Baltimore Fall 2018!

SANS Security Insights

Just Say No to Ransomware

Just Say No to Ransomware

By Deb Radcliff

Editor-in-Chief, SANS Analyst Program

Ransomware is pervasive and it's boggling the collective brains in the FBI, which in 2015 suggested it might be easier for victims to pay ransom rather than attempt to decrypt the captured systems. Now, nearly a year later, the FBI has started asking victims to come forward and report their stories "regardless of the outcome" of their cases.

SANS research confirms that the use of ransomware is growing. The SANS 2016 Threat Landscape Survey found that ransomware was second only to phishing in terms of attack vectors.

This SANS Survey also shows the rapid rise of ransomware to become the top security issue causing damage to organizations today. In the first half of 2016, Ransomware was the second most impactful event type organizations experienced besides spear phishing, according to the SANS 2016 Threat Landscape Study. (Note that ransomware, which automatically encrypts files on a target system, is delivered through malicious links in phishing emails.)

And, ransomware now outranks spear phishing, based on responses to our soon-to-be published survey on security and risks in financial services companies. In the SANS 2016 Financial Services Security Survey, publishing October 20, 2016, 55% of respondents cited ransomware, such as cryptolocker, as their most impactful type of event, versus 50% who cited spear phishing or whaling. In this survey, the largest group (32%) reports losses between $100,001 and $500,000.

Without the key to unlock these files, the encrypted systems are usually rendered unusable until ransom is paid for the key to unlock them. That's why the FBI, SANS and other experts recommend secure, safe, offline backups be kept in order to restore encrypted systems.

There are a number of helpful resources, to assist administrators, researchers and end users for detecting and responding to debilitating ransomware, including:

Experts also recommend good hygiene on systems to render them less vulnerable to a crytolocker-type attack, along with continuing education of end users to help reduce or eliminate phishing and other entry points to ransomware attacks.


Post a Comment


* Indicates a required field.